This is an automated email from the ASF dual-hosted git repository.

rlevas pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git


The following commit(s) were added to refs/heads/trunk by this push:
     new ce7237c  [AMBARI-22981] Updating Hadoop RPC Encryption Properties 
During Upgrade (#546)
ce7237c is described below

commit ce7237cc4a2f1dd78b929c83a6db5ef62018bd84
Author: smolnar82 <34065904+smolna...@users.noreply.github.com>
AuthorDate: Wed Mar 7 17:20:03 2018 +0100

    [AMBARI-22981] Updating Hadoop RPC Encryption Properties During Upgrade 
(#546)
    
    * AMBARI-22981. Updating Hadoop RPC Encryption Properties During Upgrade
    
    * AMBARI-22981. Removed unnecessary security_enabled check
---
 .../resources/stacks/HDP/2.6/upgrades/config-upgrade.xml | 12 ++++--------
 .../stacks/HDP/2.6/upgrades/nonrolling-upgrade-3.0.xml   |  5 ++---
 ambari-web/app/data/configs/wizards/secure_mapping.js    | 16 ++++++++++++++++
 3 files changed, 22 insertions(+), 11 deletions(-)

diff --git 
a/ambari-server/src/main/resources/stacks/HDP/2.6/upgrades/config-upgrade.xml 
b/ambari-server/src/main/resources/stacks/HDP/2.6/upgrades/config-upgrade.xml
index 4608673..1ce0455 100644
--- 
a/ambari-server/src/main/resources/stacks/HDP/2.6/upgrades/config-upgrade.xml
+++ 
b/ambari-server/src/main/resources/stacks/HDP/2.6/upgrades/config-upgrade.xml
@@ -53,18 +53,14 @@
       </component>
       <component name="DATANODE">
         <changes>
-          <definition xsi:type="configure" 
id="hdfs_set_data_transfer_protection"
-                      summary="Enables SASL for authentication of data 
transfer protocol">
+          <definition xsi:type="configure" 
id="hdfs_set_data_transfer_protection" summary="Enables SASL for authentication 
of data transfer protocol">
             <type>hdfs-site</type>
-            <set key="dfs.data.transfer.protection" 
value="authentication,privacy" if-type="hdfs-site"
-                 if-key="dfs.http.policy" if-value="HTTPS_ONLY"/>
+            <set key="dfs.data.transfer.protection" 
value="authentication,privacy" />
           </definition>
 
-          <definition xsi:type="configure" 
id="hdfs_set_hadoop_rpc_protection_on_kerberized_cluster"
-                      summary="Encrypting the data transfered between hadoop 
services and clients">
+          <definition xsi:type="configure" 
id="hdfs_set_hadoop_rpc_protection_on_kerberized_cluster" summary="Encrypting 
the data transfered between hadoop services and clients">
             <type>core-site</type>
-            <set key="hadoop.rpc.protection" value="authentication,privacy" 
if-type="cluster-env"
-                 if-key="security_enabled" if-value="true"/>
+            <set key="hadoop.rpc.protection" value="authentication,privacy" />
           </definition>
         </changes>
       </component>
diff --git 
a/ambari-server/src/main/resources/stacks/HDP/2.6/upgrades/nonrolling-upgrade-3.0.xml
 
b/ambari-server/src/main/resources/stacks/HDP/2.6/upgrades/nonrolling-upgrade-3.0.xml
index a842f40..3e6b7bd 100644
--- 
a/ambari-server/src/main/resources/stacks/HDP/2.6/upgrades/nonrolling-upgrade-3.0.xml
+++ 
b/ambari-server/src/main/resources/stacks/HDP/2.6/upgrades/nonrolling-upgrade-3.0.xml
@@ -295,14 +295,13 @@
             <!--HDFS-->
             <execute-stage service="HDFS" component="DATANODE"
                            title="Enables SASL for authentication of data 
transfer protocol">
-                <condition xsi:type="config" type="hdfs-site" 
property="dfs.http.policy" value="HTTPS_ONLY"
-                           comparison="equals"/>
+                <condition xsi:type="security" type="kerberos" />
                 <task xsi:type="configure" 
id="hdfs_set_data_transfer_protection"/>
             </execute-stage>
 
             <execute-stage service="HDFS" component="DATANODE"
                            title="Encrypting the data transfered between 
hadoop services and clients">
-                <condition xsi:type="security" type="kerberos"/>
+                <condition xsi:type="security" type="kerberos" />
                 <task xsi:type="configure" 
id="hdfs_set_hadoop_rpc_protection_on_kerberized_cluster"/>
             </execute-stage>
 
diff --git a/ambari-web/app/data/configs/wizards/secure_mapping.js 
b/ambari-web/app/data/configs/wizards/secure_mapping.js
index 2d24628..fcc981a 100644
--- a/ambari-web/app/data/configs/wizards/secure_mapping.js
+++ b/ambari-web/app/data/configs/wizards/secure_mapping.js
@@ -39,6 +39,14 @@ var props = [
     "serviceName": "HDFS"
   },
   {
+    "name": "hadoop.rpc.protection",
+    "templateName": [],
+    "foreignKey": null,
+    "value": "authentication,privacy",
+    "filename": "core-site.xml",
+    "serviceName": "HDFS"
+  },
+  {
     "name": "hadoop.security.auth_to_local",
     "templateName": ["resourcemanager_primary_name", "kerberos_domain", 
"yarn_user", "nodemanager_primary_name", "namenode_primary_name", "hdfs_user", 
"datanode_primary_name", "hbase_master_primary_name", 
"hbase_user","hbase_regionserver_primary_name","oozie_primary_name","oozie_user","jobhistory_primary_name","mapred_user","journalnode_principal_name","falcon_primary_name","falcon_user"],
     "foreignKey": null,
@@ -170,6 +178,14 @@ var props = [
     "serviceName": "HDFS"
   },
   {
+    "name": "dfs.data.transfer.protection",
+    "templateName": [],
+    "foreignKey": null,
+    "value": "authentication,privacy",
+    "filename": "hdfs-site.xml",
+    "serviceName": "HDFS"
+  },
+  {
     "name": "mapreduce.jobhistory.principal",
     "templateName": ["jobhistory_principal_name", "kerberos_domain"],
     "foreignKey": null,

-- 
To stop receiving notification emails like this one, please contact
rle...@apache.org.

Reply via email to